$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS144843.roa File: AS144843.roa (raw, json) Hash identifier: rxiXuUX5aWruZmmg2qkPclCmAvI99u697mZU3Cw9KNU= Subject key identifier: 47:DB:55:FF:24:19:FF:34:F8:3F:54:93:5B:0A:56:DA:AD:4F:B7:29 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 61E5C1A5E15E0C62B39B31C3D725942145A2325F Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS144843.roa Signing time: Wed 04 Mar 2026 06:19:26 +0000 ROA not before: Wed 04 Mar 2026 06:14:26 +0000 ROA not after: Wed 03 Mar 2027 06:19:26 +0000 asID: 144843 IP address blocks: 240a:a891::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 61:e5:c1:a5:e1:5e:0c:62:b3:9b:31:c3:d7:25:94:21:45:a2:32:5f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:14:26 2026 GMT Not After : Mar 3 06:19:26 2027 GMT Subject: CN=47DB55FF2419FF34F83F54935B0A56DAAD4FB729 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:3e:2c:4b:8f:5f:e3:5d:b7:37:b1:49:32:e0: 5b:1c:63:12:44:ea:c0:a4:49:3f:3f:a6:79:7d:4a: 4b:c4:36:be:c8:14:c3:81:2d:02:f7:70:75:e1:d5: 61:3e:43:5e:a3:23:a7:85:d6:5a:02:a1:7b:6c:a9: 02:8c:25:04:48:a6:e1:97:93:9e:70:ea:d5:1d:81: 0c:5a:06:83:b9:7b:72:1e:10:4f:7c:d4:0f:06:06: 52:c0:0b:f4:97:2b:90:9d:f2:de:e8:7d:96:3c:c2: 25:9f:98:4e:c2:58:03:53:ed:cc:aa:77:6a:f4:65: 06:af:f3:39:d7:38:3f:b3:71:f0:31:08:7d:10:45: 63:b7:ac:13:7b:be:90:ac:94:5e:7e:4a:90:c0:c2: ed:a0:df:5c:0f:0f:76:77:f4:31:54:6d:d7:34:e5: 85:f3:ca:c2:88:d1:d4:bd:0b:f2:75:5d:91:8d:c8: a7:2d:02:8a:b3:9a:9e:63:84:ad:ed:ac:c3:54:01: 08:83:38:ed:2f:5c:f7:fc:5a:fd:4b:f2:29:dc:57: 35:8f:fc:ad:1e:19:ea:db:2b:b1:ee:71:96:b0:1a: a7:6c:02:dd:46:cf:97:2d:14:46:cd:65:04:64:d1: ac:a2:6f:7d:6f:6b:9c:b6:f5:19:0f:b1:23:30:5c: 65:0d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 47:DB:55:FF:24:19:FF:34:F8:3F:54:93:5B:0A:56:DA:AD:4F:B7:29 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS144843.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a891::/32 Signature Algorithm: sha256WithRSAEncryption 83:ff:a0:30:e1:2a:96:5c:02:02:d0:22:e6:46:9f:8e:3b:b3: 08:7d:16:94:3f:14:8d:b4:fb:6c:bc:c4:8c:c6:ad:86:1c:78: ee:b7:8d:a6:66:0e:3f:e1:f0:07:af:1f:81:0e:68:87:b7:2c: cf:e9:fb:11:f3:48:09:4f:1a:35:e1:6f:9c:8d:57:0c:e1:6e: 3e:99:d9:f3:77:29:0c:42:f9:8f:37:6c:99:93:c3:1b:96:e5: 7f:16:13:80:70:91:cf:3d:78:6f:76:15:da:02:3a:f3:37:a1: e7:d8:93:33:52:ac:a6:9f:39:16:86:5e:ee:22:33:22:23:3e: 2b:44:c0:f5:fc:45:15:ad:49:40:23:7c:6f:be:4e:c3:66:cd: c5:eb:9b:0b:ed:79:85:07:d0:4a:fb:e0:19:83:4d:c7:b0:11: e7:1a:37:14:91:93:ac:01:14:61:31:d1:d4:3e:c2:7f:35:c8: 36:3c:f2:9a:12:48:b1:d0:4f:2e:fe:f1:81:4d:37:bc:a3:d3: 32:05:f8:65:0b:8a:22:54:75:53:b9:3a:eb:c4:5f:8f:50:2f: 50:b9:15:21:b8:ab:01:a5:fb:44:c2:79:f6:4a:fb:1e:9f:3e: 0e:6e:f6:20:6d:5f:c0:63:d3:eb:df:6f:16:97:b3:69:49:bb: 2f:e4:ab:17 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUYeXBpeFeDGKzmzHD1yWUIUWiMl8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTQyNloX DTI3MDMwMzA2MTkyNlowMzExMC8GA1UEAxMoNDdEQjU1RkYyNDE5RkYzNEY4M0Y1 NDkzNUIwQTU2REFBRDRGQjcyOTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMU+LEuPX+NdtzexSTLgWxxjEkTqwKRJPz+meX1KS8Q2vsgUw4EtAvdwdeHV YT5DXqMjp4XWWgKhe2ypAowlBEim4ZeTnnDq1R2BDFoGg7l7ch4QT3zUDwYGUsAL 9JcrkJ3y3uh9ljzCJZ+YTsJYA1PtzKp3avRlBq/zOdc4P7Nx8DEIfRBFY7esE3u+ kKyUXn5KkMDC7aDfXA8Pdnf0MVRt1zTlhfPKwojR1L0L8nVdkY3Ipy0CirOanmOE re2sw1QBCIM47S9c9/xa/UvyKdxXNY/8rR4Z6tsrse5xlrAap2wC3UbPly0URs1l BGTRrKJvfW9rnLb1GQ+xIzBcZQ0CAwEAAaOCAcUwggHBMB0GA1UdDgQWBBRH21X/ JBn/NPg/VJNbClbarU+3KTAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NDg0My5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK qJEwDQYJKoZIhvcNAQELBQADggEBAIP/oDDhKpZcAgLQIuZGn447swh9FpQ/FI20 +2y8xIzGrYYceO63jaZmDj/h8AevH4EOaIe3LM/p+xHzSAlPGjXhb5yNVwzhbj6Z 2fN3KQxC+Y83bJmTwxuW5X8WE4Bwkc89eG92FdoCOvM3oefYkzNSrKafORaGXu4i MyIjPitEwPX8RRWtSUAjfG++TsNmzcXrmwvteYUH0Er74BmDTcewEecaNxSRk6wB FGEx0dQ+wn81yDY88poSSLHQTy7+8YFNN7yj0zIF+GULiiJUdVO5OuvEX49QL1C5 FSG4qwGl+0TCefZK+x6fPg5u9iBtX8Bj0+vfbxaXs2lJuy/kqxc= -----END CERTIFICATE-----Generated at Sat Mar 28 11:43:52 2026 by rpki-client